package com.example.demo.config;

import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.WebSecurityConfigurer;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;

/**
 * @author void
 * @date 2020/12/7 19:46
 * @desc
 */
@EnableWebSecurity
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {

    /**
     * ANT模式使用？匹配任意单个字符，使用* 匹配0或任意数量的字符，
     * 使用**匹配0或者更多的目录。antMatchers（"/admin/api/**"）相当于匹配 了/admin/api/下的所有API
     * @param http
     * @throws Exception
     */
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.authorizeRequests()
                .antMatchers("/admin/api/**").hasRole("ADMIN")
                .antMatchers("/user/api/**").hasRole("USER")
                .antMatchers("/app/api/**").permitAll()
                .anyRequest().authenticated()
                .and().formLogin();
    }

    /**
     * 也支持配置认证用户,一旦定义了会覆盖WebConfig.UserDetailsService的设置
     * @param auth
     * @throws Exception
     */
//    @Override
//    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
//        auth.inMemoryAuthentication()
//                .withUser("void").password("123").roles("USER")
//                .and()
//                .withUser("wxg").password("123").roles("USER","ADMIN");
//    }
}
